Cisco Firewall :: ASA 5520 - With 99 Percent CPU Usage / Lot Of Shunning?

Oct 18, 2011

I'm running ASA 8.0(3) on an Active/Standby failover pair. Last night I realized the CPU usage of my production ASA was 99%. On the ASDM Firewall Dashboard I can see counters like this:
 
Dropped Packet Rate (ACL Dropped) = 6000+  (more than 6 thousand)
Scanning Attacks = 18600+ (more than Eighteen thousand)
 
I went on the ASDM and checked the RealTime Log viewer and I have about 30 entries per second of these:
4  Oct 19 2011  11:35:12  401004  Shunned packet: 10.64.10.1 ==> 10.64.0.1 on interface NewLAN

[code]...

View 1 Replies



Cisco Firewall :: CSC-SSM ASA 5520 CPU Usage Reaches 100 Percent

Jul 27, 2011

I have an ASA 5520 with a CSC-SSM module. The problem is that when I log in to my ASDM, the content security monitoring shows the CPU and memory at 100% (CSC), but when I connect directly to the CSC-SSM module it comes down. So is it a problem with ASDM, Java or CSC?

View 5 Replies View Related

Cisco Switching/Routing :: 6509-E 99 Percent CPU Usage

Mar 20, 2013

We are running a Cisco 6509-E and running a load test, and when traffic reaches 80 mbps the switch starts responding very slowly. I checked CPU usage and it was using 100%, and connections to the switch from outside to inside are 80K. Once connections drop, the Cisco releases CPU and it starts responding normally. [code]

View 4 Replies View Related

Cisco Security :: CSCSSM 20 Module On ASA 5510 Causes 100 Percent Cpu Usage

Aug 13, 2011

I installed a CSC-SSM-20 module on an ASA 5510. After policy services have been enabled, services work well for a few minutes; after that the module's CPU usage rises to 100% and all HTTP traffic is wholly blocked until the CPU usage goes down. This happens very frequently, and traffic stays blocked for such a long time that it makes the CSC-SSM module unusable. It's disabled right now. ASA version is 8.2(1) and CSC-Module version is 6.6.1172.0.

View 1 Replies View Related

Cisco Security :: 1841 Router - URL Filtering Causes 100 Percent CPU Usage

Apr 7, 2013

Whenever I set up URL filtering on an 1841 router with policy-map type http and the zone-pair command, I experience a 100% CPU spike. Is there any workaround?

View 1 Replies View Related

Cisco Firewall :: ASA 5520 CPU Usage Is Ranging 87% - 93%

May 8, 2012

Our company’s Cisco ASA 5520 CPU usage drastically increased up to 93% after installing the antivirus our company purchased. Upon entering the show commands, the results of which I will post later, it shows that the “Dispatch Unit” is very high. I tried to clear the conn of each IP address that has very high bytes, but nothing happened.
 
INTFW(config)# show proc cpu-usage sorted non-zero
PC         Thread       5Sec     1Min     5Min   Process
081aa324   6bdaf870    81.3%    81.5%    81.4%   Dispatch Unit

[Code]....

View 28 Replies View Related

Cisco Firewall :: ASA5510-MEM-1GB With 5520 Usage

Mar 10, 2013

Can I use this memory in my 5520 firewall? ASA5510-MEM-1GB=.

View 1 Replies View Related

Cisco Firewall :: ASA 5510 / Blocking / Shunning Hosts With Service Policy Rules?

Dec 20, 2012

I have an ASA 5510 deployed and we are getting a tonne of port scanning traffic (who isn't these days) and ping traffic. The threat scanning thresholds seem a bit too high, and I was wondering if there is a way to use a Service Policy Rule to perform a Shun/Block of the hosts rather than the firewall simply blocking the request via the ACL and sending a reply.
 
In other words, if I do nothing, I know the ACL is protecting the resources but it is still replying to the client connection. I want the end result to be the same as a "Shun" where the connection is dropped and no reply is sent. How to employ Service Policy Rules to thwart Port Scanning and/or IP Spoofing?

View 2 Replies View Related

Cisco Firewall :: 5520 High Memory Usage And Error Creating Access Rules

Feb 13, 2013

I'm having a problem with the memory and also with trying to create some rules on the Cisco ASA. The version that I had installed was 8.2.5.33 on a Cisco 5520 with 512 RAM. The memory usage is at 99% used, 1% free, and because of that, when I'm trying to create a new rule the firewall gives me the next error.. So what I did was a downgrade to version 8.2 (4) 4, and the memory went down a little (82% used, 18% free), but I still get the error when I'm creating an access rule on the device. One thing, and I'm not sure if this could affect the performance, is the number of access lists and object groups that are created.
 
I already opened a case with Cisco TAC and they are checking if the problem is with the memory capacity or maybe a memory leak. Also, the doubt that I have is: with the memory that I now have available, should I be able to create access rules, or is 82 still too high to create a rule or an object group?

View 2 Replies View Related

Cisco Switching/Routing :: Smart Call Home Usage On The ASA 5520 Or RHL

Jun 25, 2012

I'm trying to install a Gateway in Red Hat Linux to Cisco Smart Call Home Service, and reading about this on Google, I found this info: Smart Call Home on the ASA. This is much simpler to configure and operate. I want to know which solution is more recommended and why.

View 1 Replies View Related

When Check Internet Usage Log On Wireless Company The Usage Is Totally Off?

Apr 3, 2013

However, recently when I check my internet usage log on my wireless company (Rogers), the usage is totally off from what my bandwidth tracker shows me. So I decided to turn off my wifi and see what happens. There has always been this weird wifi connection appearing whenever my wifi appears; then afterwards, when I turn off my wifi, the suspicious wifi connections disappear. Is it possible that someone is using our wifi? I might just be overreacting, but it has brought me to concern that if the usage continues my family will end up having to pay over $30 for extra internet use. It is very frustrating to me because when I check my DHCP client table it only shows 3 connections: ethernet - my desktop, which is not turned on, and 2 wireless connections - my laptop and my sister's laptop.

View 6 Replies View Related

Cisco Firewall :: ASA 8.4 TCP With RDP Server 5.2 Usage Only

Feb 16, 2013

I decided to migrate to ASA 8.4(5) from 7 and everything went very well with the exception of this one issue. All ACL and NAT for our various remote desktop servers work perfectly as long as the servers are running an RDP server version greater than 5.2. For instance, Server 2008 machines (or Win 7 Pro desktops) work perfectly as configured; however, Server 2003 machines (or WinXP Pro desktops) will not. I'm using manual, static NAT for the object to avoid automatic NAT issues.
 
The client computer displays the non-Vista warning message, "The identity of the remote computer cannot be verified...", but then fails to properly connect, stopping at the "Configuring remote session..." status message. The ASA log shows that it built the TCP, then it displays a teardown with reason TCP Reset-I.
 
I can use a working ACL and NAT (using default TCP 3389 for instance) with a Server 2008 at IP 192.168.15.10 and move a Server 2003 machine to that same IP without touching any configuration at the firewall and it fails. Move the Server 2008 machine back to that IP and it works perfectly (both set at Port 3389 of course).
 
Here is the relevant info from the config that I am using for this:
------------------------------------------
 
object network RDPServer
host 192.168.15.10
 
object service RDP
service tcp source eq 3389
 
access-list out2in line 1 extended permit tcp any object 192.168.15.10 eq 3389
 
nat (inside,outside) 1 source static RDPServer interface service RDP RDP

The above works perfectly as long as a Server 2008 machine is at the IP, but fails with a Server 2003 machine at the IP.

View 3 Replies View Related

Cisco Firewall :: CPU Usage Per Context On ASA 5585?

Jul 3, 2012

I am currently working with an ASA 5585 with several contexts. What is the percentage of the CPU used per context? I already have the opportunity to do it for the whole ASA (context admin) using the SNMP mib CISCO-PROCES but, unfortunately, this mib doesn't allow us to know the percentage of used CPU per context.
 
I was able to know the number of cores used per context but not the percentage of the CPU used.

View 6 Replies View Related

Cisco Firewall :: ASA 5550 8.4.3 Show CPU Usage - Error?

Oct 24, 2012

One of our firewalls - Cisco ASA 5550 8.4.3 - has got a problem. Our monitoring system requests the CPU usage on the box and from time to time we get an error. It was now possible to catch the error message - the output of show cpu usage looks like the attached picture. We did not find anything in the known bugs nor in the "Resolved Caveats in ASA Version 8.4(4.1)".

View 1 Replies View Related

Cisco Firewall :: ASA 5510 And 2960S - CSC SSM High CPU Usage

Jan 28, 2013

I have configured an ASA 5510 and 2960S 48 port switch in a lab environment. I have two laptops connected to separate subinterfaces with Server 2003 as DHCP server for one network. Everything has been working fine as we have been testing the ASA while also testing the csc smm module. When we came in today we noticed the CSC module CPU is running at 100% constantly and HTTP traffic is extremely slow. I have not yet received my SmartNet contracts from the vendor or I would open a TAC case, and I have read on the net that this is a common problem.

View 1 Replies View Related

Cisco Firewall :: ASA5520 High CPU Usage CTM Message Handler

Jan 20, 2013

I recently rebooted my ASA 5520. I was trying to remove webvpn listening from my outside NIC, even though it wasn't configured. [code] I was planning to do another reload without the fast reload option.

View 1 Replies View Related

Cisco Firewall :: ASA 5505 8.2 (1) Is Rebooting After High Xlate Usage?

Feb 26, 2012

I have an ASA that just started to reboot throughout the day yesterday. It seems to happen every few hours but not in a pattern. Right before it reboots there is a flood of syslog ID 305006 messages, "portmap translation creation failed for tcp src inside:xxx dst outside:xxx"; the xlates go from around 2-3k to about 30+k, then it crashes. Memory usage is already pretty high normally on this device (about 75% used); CPU is around 15-20%. I notice that the portmap translation errors are always from 3 inside hosts.

View 4 Replies View Related

Cisco Firewall :: ASA 5505 - Enable Top Usage Tab On ASDM Dashboard?

Feb 3, 2011

Today I upgraded my Cisco ASA 5505 ASDM from version 6.34 to 6.41 because of some problems on the old version with NetFlow. But now when I switch to the dashboard I cannot see the "Top Usage" tab. That was quite useful for me. It simply disappeared.
 
Can I somehow configure which tabs are displayed on the dashboard? I really need that one and I do not want to downgrade :/

View 7 Replies View Related

Cisco Firewall :: 3.2(10) / Inconsistent Show Resource Usage Output

Feb 15, 2012

I've multiple FWSMs running. The funny thing: When I do a "show resource usage" I have one blade showing a "Conns [rate]" and "Syslogs [rate]" values and one blade isn't.

SSH                         4           5         15             0 admin
Syslogs [rate]             1         437 unlimited             0 admin
Conns                     149       23465 unlimited             0 admin
Xlates                   154         2877 unlimited             0 admin
Hosts                     154         2877 unlimited             0 admin
Mac-addresses               6           7     65535             0 admin

All modules are running the same software version 3.2(10). And the even more funny thing is: on one blade I have different output for all the contexts on it. What's the reason for that behaviour? A bug?

View 2 Replies View Related

Cisco Firewall :: Verification Of Management Interface Usage On 5510

May 24, 2012

I seem to get conflicting information on using the Management port as a regular routed interface on the ASA5510. The management interface can be used for the traffic that passes through the firewall as well. The Security Plus License for the ASA 5510 is required in order to use the management0/0 port as a regular interface. With a base license on the 5510, the management0/0 port cannot be used as a regular interface.
 
I believe that I saw another post that mentioned it was part of the standard IOS if you had a later version.

View 2 Replies View Related

Cisco Firewall :: Different Between ASA-5520-K9 And ASA-5520-K8

Nov 2, 2012

We were using ASA-5520-K9 with ASA-SSM-AIP-20-K9 but recently found some hardware problem in our running ASA. Now Cisco wants to replace it with ASA-5520-K8.

View 1 Replies View Related

Cisco Switching/Routing :: 4507 - CPU Going At 50 To 60 Percent

Nov 19, 2012

I am having a Cisco 4507 switch. The CPU on the switch is running between 50% to 60% constantly. To troubleshoot I collected some logs using debugs & show commands.
 
debug platform packet all receive buffer
show platform cpu packet buffered
debug platform packet all count
show platform cpu packet statistics
show processes cpu sorted | exc 0.00
show platform health
show platform cpu packet statistics
 
show platform health output shows the below process crossing the target value.
 
                      %CPU   %CPU    RunTimeMax   Priority  Average %CPU  Total
                     Target Actual Target Actual   Fg   Bg 5Sec Min Hour  CPU
Stub-JobEventSchedul  10.00  13.41     10     47  100  500   13  13   10  5462:52
K2PortMan Review       3.00   5.35     15     11  100  500    4   4    3  1799:47
 
What I need to know is, though these processes are running in Low Priority, will there be any issue if the CPU goes high due to these processes?

View 1 Replies View Related

Cisco :: LMS 4.2 - New Install (Windows 2008 R2 SE SP1) Using 100 Percent CPU?

Nov 6, 2012

I have just finished installing LMS 4.2 on a new VM (Windows 2008 R2 Standard Edition SP1). I have already reloaded the server, and all LMS services have correctly started. However, the process CS_sm_server.exe is still using 100% CPU. Windows 2008 R2 Standard Edition SP1

View 6 Replies View Related

Cisco WAN :: RV082 IPSEC VPN Missing 50 Percent Of Packets

Apr 2, 2013

We have two offices connected using Site-to-Site VPN (IPSEC) as shown: (IPs fictitious) Office 1 - We had to use 2 routers since we have a range of valid IPs: From a host in office 2 we normally ping 192.168.102.1 (gateway at office 1), but when pinging a host inside office 1 (e.g. 192.168.102.8) 50% of packets have been lost. Could it be a hardware problem?

View 1 Replies View Related

Cisco WAN :: 3825 - What Does Shape Average Percent Mean In QoS Policy

Jan 3, 2010

I am working at a client site that is an MPLS customer. The customer has an MPLS circuit that runs between their Main HQ and their Disaster Recovery site. I have been asked to analyze and report as well on the way the QoS Policy is written, and to provide any recommendations on how they can improve performance. There is a statement within the QoS Policy as it exists at each end on the 3825 routers. The statement is called "shape average percent". Here is the policy from one side:
 
policy-map QoS
class COS2_traffic
set dscp af31
shape average percent 12
bandwidth percent 13

[code]....

What does this statement mean and how is it different than the "bandwidth percent" statement?

View 2 Replies View Related

Cisco Switching/Routing :: C3500XL-C3H2S-M - CPU Always In 39 / 40 Percent

Jan 15, 2012

I have two switches that always have their CPU at 39 or 40%. The switches are:
 
IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)WC3b, RELEASE SOFTWARE (fc1)
 
I think it's very strange that the CPU is always at 39 or 40%. Not all ports of the switches are busy; there are 6 ports free in each switch. I think 40% is a high value for CPU, maybe because of my IOS version 12.0?

View 2 Replies View Related

Cisco WAN :: After IOS Upgrade To 15.x On 2811 MEM Util Raised From 20 To 43 Percent

May 29, 2012

After an IOS upgrade to 15.x on a Cisco 2811, MEM util rose from 20% to 43%. Is it critical? Which level of MEM utilization is critical?

View 6 Replies View Related

Sharing :: All EXE Files Get Stuck At 99 Percent Download

Mar 14, 2013

Whenever I try to download an exe file from the internet, it just gets stuck at 99%. It doesn't happen with .rar or any other file. Not to mention, I was able to download the net framework 4.0 exe installer though. I tried these things: Used different browsers. Used different download managers. Disabled firewall and AV.

View 1 Replies View Related

10 To 90 Percent Of Internet Connectivity Down - Cannot Ping Sites?

Sep 12, 2011

I have ATT DSL and pretty much every night, I lose a large portion of the Internet. I cannot ping these sites, while the rest of the net works fine. The other night, I could not ping major domains like ATT, CNN, MSNBC, BBC (a chronic missing domain). On the other hand, I could get Yahoo fine and go to a streaming audio site and run music perfectly...but about 90% of the Internet was unreachable. Could not load their sites nor ping them in command line. The other 10% worked flawlessly.

View 12 Replies View Related

Cisco Wireless :: AP1252AGN Giving 48 Percent Of Failure Rate Of Ap

Apr 16, 2012

We have a client that has a large number of AIR-AP1252AG-N-K9 installed in the network with power injectors. We have seen about a 48% failure rate of APs failing with all 3 red lights on the unit. Once I get the AP in the lab I'm unable to get any response from the console, and therefore unable to troubleshoot.

View 3 Replies View Related

Linksys Wireless Router :: Firmware Update On WRT160NL Fails At 98 Percent

Sep 23, 2009

Trying to update my firmware 1.00.01 B15 to 1.00.01 B17. I downloaded the firmware to my desktop (using mac os X 10.5.5) and connected my computer directly to port 1 on the back of the router. I used the Firmware upgrade tool under the Administration tab to upload the new firmware file. The update progress starts but fails at 98%

View 4 Replies View Related

Cisco Firewall :: Upgrade From 5505 To 5520 On Network - ASA Firewall Throughput

Feb 27, 2013

I'd like to see some REAL LIFE comparisons of ASA firewall throughput (a bit like this one for ISR G2 Routers - [URL]).
 
The reason I ask is that I recently upgraded a firewall from an ASA5505 to an ASA5520 on a small network where the only outside connectivity was a single 10meg Internet circuit with an IPSEC VPN (not landed on the firewall but on a router) to another site.
 
When I swapped out the firewall the users noticed a big improvement. The firewall is not doing anything out of the ordinary - no IPS or VPN, just standard stateful inspection.

View 5 Replies View Related

Cisco Firewall :: ASA 5520 - Routed Management Interface On Transparent Firewall?

May 5, 2013

I have an ASA 5520. How would I configure my dedicated management interface to be able to route off subnet while the firewall is in transparent mode?

View 1 Replies View Related
